Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to get mountd to pass through checkpoint firewall

Posted on 2010-11-25
4
Medium Priority
?
2,217 Views
Last Modified: 2012-05-10
Hi All,

would someone be able to tell me how do I get NFS ports (particularly mountd) to pass through a Checkpoint R70 firewall? They are being blocked by Implied rules.

Ideally I'd like to be able to do this without changing the order in which the implied rules are applied to my rule base but if thats the only way then I'd like to find out what the repercussions could be on the rest of my rules.

Many thanks!
0
Comment
Question by:yellowteam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 79

Expert Comment

by:arnold
ID: 34215160
You should configure a VPN (remote) connection and access the NFS over the VPN.

Opening ports for NFS:
http://forums.freebsd.org/showthread.php?t=5123

There are different options depending on which NFS mode you use nfs3, or 4.
0
 

Author Comment

by:yellowteam
ID: 34215612
Hi there, sorry I should have mentioned that this is between two internal networks that are seperated by this firewall
0
 
LVL 79

Accepted Solution

by:
arnold earned 2000 total points
ID: 34218199
You would then need to setup a set of rules on the firewall to allow the  UDP/TCP traffic between the interface segments outlined in the link from the earlier post.

sunrpc            111/tcp         rpcbind      #SUN Remote Procedure Call
sunrpc            111/udp         rpcbind      #SUN Remote Procedure Call
nfsd-status      1110/tcp   #Cluster status info
nfsd-keepalive      1110/udp   #Client status info
nfsd            2049/tcp   nfs            # NFS server daemon
nfsd            2049/udp   nfs            # NFS server daemon
lockd            4045/udp   # NFS lock daemon/manager
lockd            4045/tcp

0
 

Author Comment

by:yellowteam
ID: 34218561
Hi There
Thanks for that, I've now gotten it working
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question